N. Korean Hackers Use ChatGPT to Launch Deepfake ID Phishing Attack: Report
A suspected North Korean state-backed hacking group used ChatGPT to create fabricated military identification cards (IDs) in a phishing campaign targeting South Korean military agencies and civil society groups.
Seoul-based cybersecurity firm Genians said the group, known as Kimsuky, sent emails containing malware while pretending to ask recipients to review “sample” ID card designs for civilian employees, The Korea Herald reported.
The attached images were deepfakes, AI-generated to look like real IDs, which made the phishing attempts seem legitimate. The messages also contained links that installed malware capable of stealing information from victims’ computers and devices.
The hackers appear to have bypassed ChatGPT’s restrictions on creating government IDs by presenting their requests as harmless mock-up designs.
“They probably persuaded the AI models by saying they were producing sample designs, not replicating actual military ID cards,” the outlet quoted Genians as saying.
Researchers also found the phishing emails were sent from fake web addresses such as “.mli.kr,” designed to look like South Korea’s official defense websites ending in “.mil.kr.”
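A mail gateway can catch this kind of swapped-letter sender domain by comparing the trailing labels of each sender domain against the official suffix. The sketch below is an added example, not code from Genians or the report; the sample addresses are constructed, and the one-edit threshold and function names are assumptions.

```python
# Added example: flag sender domains that imitate a protected suffix.
PROTECTED_SUFFIX = "mil.kr"  # official suffix named in the article


def osa_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: insert, delete, substitute,
    plus swapping two adjacent characters, each costing 1."""
    rows, cols = len(a) + 1, len(b) + 1
    d = [[0] * cols for _ in range(rows)]
    for i in range(rows):
        d[i][0] = i
    for j in range(cols):
        d[0][j] = j
    for i in range(1, rows):
        for j in range(1, cols):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            # Adjacent transposition, e.g. "li" <-> "il"
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[-1][-1]


def classify_sender(address: str, protected: str = PROTECTED_SUFFIX,
                    max_dist: int = 1) -> str:
    """Return 'official-suffix', 'lookalike' or 'other' for a sender address.
    'official-suffix' only describes the domain string; it says nothing
    about whether the message passed SPF/DKIM/DMARC."""
    domain = address.rsplit("@", 1)[-1].strip().rstrip(".").lower()
    labels = domain.split(".")
    n = protected.count(".") + 1          # compare the same number of labels
    suffix = ".".join(labels[-n:])
    if suffix == protected:
        return "official-suffix"
    if len(labels) >= n and osa_distance(suffix, protected) <= max_dist:
        return "lookalike"
    return "other"


def flag_lookalikes(addresses):
    """Return the addresses whose domain suffix imitates the protected one."""
    return [a for a in addresses if classify_sender(a) == "lookalike"]


# Constructed sample senders (not taken from the campaign).
SAMPLES = ["hr@army.mil.kr", "design@army.mli.kr",
           "news@example.com", "info@mil.kr.example.net"]
```

The last sample shows a limit of the check: a domain that merely contains the official suffix as leading labels is classified as "other" and needs a separate rule.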
Expanding Role of AI in Cyber Attacks
The incident highlights Pyongyang’s increasing use of generative AI and deepfake technologies in cyber operations.
In August, US-based AI firm Anthropic revealed that North Korean hackers had used its Claude model to create fake résumés, cover letters, and coding samples to get jobs at overseas IT companies.
Once employed, the hackers allegedly used AI to perform technical work and gather intelligence.
“While AI services offer convenience in the workplace, they also carry the risk of being exploited for cyber operations with potential national security consequences,” Anthropic warned.
Mun Chong-hyun, director at Genians, said hackers can now use generative AI for nearly every stage of an attack, “from planning and developing malware to impersonating recruiters.”
Longstanding Espionage Network
Kimsuky has long been identified by Washington and Seoul as Pyongyang’s state-sponsored cyber-espionage group, with the US Department of Homeland Security describing the unit as “most likely tasked by the North Korean regime with a global intelligence-gathering mission.”
Officials say North Korea’s broader cyber strategy includes phishing, cryptocurrency theft, and secret IT contracting to raise money for its heavily sanctioned nuclear weapons program.
The number of victims in the latest phishing campaign is not yet known, according to The Korea Herald.









